Specifications

ManualsBrandsVeriFone ManualsGadgetsOmni 3740

OMNI 37XX REFERENCE MANUAL 55

CHAPTER 5

File Authentication

This chapter discusses VeriShield’s

file authentication

security architecture.

• Overviews the VeriShield file authentication module, and the organizational

infrastructure that supports it. See Introduction to File Authentication.

• Explains how the file authentication process may affect the tasks normally

performed by application programmers, terminal deployers, site

administrators, or by entities authorized to download files to an Omni 37xx

terminal. See File Authentication and the File System.

• Describes how to use the file signing utility, FILESIGN.EXE, to generate the

signature files that are required to perform downloads and authenticate files

on the Omni 37xx terminal. See FILESIGN.EXE File Signing Tool.

In Chapter 6, the topic of file authentication is also discussed in the context of

specific file download procedures.

Introduction to

File

Authentication

The Omni 37xx terminal has a new type of security architecture, developed by

VeriFone. This architecture, called VeriShield, has both physical and logical

components. The logical security component of the VeriShield architecture, which

is part of the terminal’s operating system software, is called the file authentication

module, or simply, file authentication.

File authentication is a secured process for authenticating files using digital

signatures, cryptographic keys, and digital certificates. This process makes it

possible for the sponsor of an Omni 37xx terminal to logically secure access to the

terminal by controlling who is authorized to download application files to that

terminal. It proves and verifies the, file’s origin, sender’s identity, and integrity of

the file’s information.

The VeriFone

Certificate

Authority

To manage the tools and processes related to the file authentication module of

the VeriShield security architecture, VeriFone has established a centralized

VeriFone Certificate Authority, or

VeriFone CA

. This agency is responsible for

managing keys and certificates. The VeriFone CA uses an integrated set of

software tools to generate and distribute digital certificates and private

cryptographic keys to customers who purchase Omni 37xx terminals.

Special Files Used

in the File

Authentication

Process

The following specially formatted files support the file authentication process:

• A digital certificate is a digital, public document used to verify the signature

of a file.